<?php
session_start();
$currPage = "searchCars";
include("inc_header.php"); 

if (!isset($_POST['search']))
  {
		?>
	<div id="content">
		<h2><a href="#">Search</a></h2>
		<div class="clearfix">
			<form name="searchForm" method="post" action="searchCars.php">

				<table>
					<tr>
						<td>Make:</td>
						<td><input type="text" value="" name="make" id="make" size="16" maxlength="15" /></td>
					
						<td>Model:</td>
						<td><input type="text" value="" name="model" id="model" size="16" maxlength="15" /></td>
					</tr>
					<tr>
						<td>Year:</td>
						<td><input type="text" value="" name="year" id="year" size="6" maxlength="4" /></td>
					</tr>
					<tr>
						<td>Price:</td>
						<td><input type="text" value="" name="lowPrice" id="lowPrice" size="16" maxlength="15" />   to</td>
						<td><input type="text" value="" name="highPrice" id="highPrice" size="16" maxlength="15" /></td>
					</tr>
					<tr>
						<td>Sort By:</td>
					
						<td><Input type = 'Radio' Name ='sort' value= 'make'>Make</td>
						<td><Input type = 'Radio' Name ='sort' value= 'model'>Model</td>
						<td><Input type = 'Radio' Name ='sort' value= 'year'>Year</td>
						<td><Input type = 'Radio' Name ='sort' value= 'price'>Price</td>
						
					<tr>
						<td><input type="submit" value="Search" name="search" id="search" /></td>
					</tr>
				</table>
				
			</form>
		</div>
	</div>
<?php
}
else
{	$sorted = false;

	$sqlQuery="SELECT * FROM VehicleForSale WHERE";
	
	if($_POST['make'] != "")
	{
		$sqlQuery .= " Make = '" . $_POST['make'] . "' AND";
		$sorted = true;
		
	}
	
	if($_POST['model'] != "")
	{
		$sqlQuery .= " Model = '" . $_POST['model'] . "' AND";
		$sorted = true;
		
	}
	
	if($_POST['year'] != "")
	{
		$sqlQuery .= " VehicleYear = " . $_POST['year'] . " AND";
		$sorted = true;
	}
	
	if($_POST['lowPrice'] != "")
	{
		$sqlQuery .= " Price >= " . $_POST['lowPrice'] . " AND";
		$sorted = true;
	}
	
	if($_POST['highPrice'] != "")
	{
		$sqlQuery .= " Price <= " . $_POST['highPrice'] . " AND";
		$sorted = true;
	}

	if($sorted)
	{
		$sqlQuery = rtrim($sqlQuery, "AND");
	}
	else
	{
		$sqlQuery = rtrim($sqlQuery, "WHER");
	}
	

	if($_POST['sort'] == "make")
	{
		$sqlQuery .= "ORDER BY Make ASC";
	}
	if($_POST['sort'] == "model")
	{
		$sqlQuery .= "ORDER BY Model ASC";
	}
	if($_POST['sort'] == "year")
	{
		$sqlQuery .= "ORDER BY VehicleYear ASC";
	}
	if($_POST['sort'] == "price")
	{
		$sqlQuery .= "ORDER BY Price ASC";
	}


	?>
	
	<div id="content">
		<h2><a href="#">Search</a></h2>
		<div class="clearfix">
			
			
			<table style="width: 600px;">
			<?php
			$host="mysql-user.cse.msu.edu"; // Host name
			$username="hewittry"; // Mysql username
			$password="A39777266"; // Mysql password
			$db_name="hewittry"; // Database name
	

			$conn = new mysqli($host, $username, $password, $db_name);
		
			$result = $conn->query($sqlQuery);
			if($result->num_rows == 0)
			{
				?>
				<tr><td> No Results Found </td></tr>
				<?php
			}
			else
			{
				while ($row = $result->fetch_assoc())
				{
				?>
					<tr>
						<td style="padding-right: 7px; vertical-align: top;">
							<img src="./upload/<?php echo $row['Photo']; ?>" style="float: left; width: 100px; height: 100px;" />
						</td><td>
							<a href="./viewCar.php?id=<?php echo $row["VehicleForSaleID"]; ?>"><strong><?php echo $row["Make"] . " " . $row["Model"] . " " . $row["VehicleYear"]; ?></strong></a><br />
							Price: $<?php echo $row["Price"]; ?><br />
							Owner: <?php echo $row["NonAdmins_AllUsers_LogonID"]; ?><br />
							Posted on: <?php echo date(' h:i:s A F j, Y', $row['timestamp']); ?><br />
							<br />
							<br />
						</td>
					</tr>
				<?php
				}
			}
			?>
			</table>
		</div>
	</div>

<?php
}
include("inc_footer.php"); 
?>
